package com.prj.ufdm.cloud.svr.gateway.filter;

import org.springframework.cloud.gateway.filter.GatewayFilter;
import org.springframework.cloud.gateway.filter.GatewayFilterChain;
import org.springframework.core.Ordered;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.http.server.reactive.ServerHttpResponse;
import org.springframework.web.server.ServerWebExchange;
import com.prj.ufdm.cloud.base.dto.RetData;
import com.prj.ufdm.cloud.base.dto.RetDataHead;
import com.prj.ufdm.cloud.base.enums.BaseRetCodeEnum;
import com.prj.ufdm.cloud.svr.gateway.bpo.AuthBPO;
import com.prj.ufdm.cloud.svr.gateway.model.SysUser;

import reactor.core.publisher.Mono;

public class AuthGatewayFilter implements GatewayFilter, Ordered{
	
	private AuthBPO authBPO;
	
	public AuthGatewayFilter(AuthBPO authBPO){
		this.authBPO = authBPO;
	}
	
    @Override
    public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain){
    	System.out.println("网关过滤器启动");
		ServerHttpRequest request =  exchange.getRequest();
		ServerHttpResponse response = exchange.getResponse();
		String requestURI = request.getURI().getPath();
		System.out.println("\n requestURI:"+requestURI);
    	try 
    	{
    		//更新资源
    		authBPO.setMetadadaSource(requestURI);
    		
			// 允许访问的URI
			boolean isAllowURI = authBPO.checkAllowURI(requestURI);
			if (isAllowURI) {
				System.out.println("\n 允许访问，无需TOKEN验证.......");
				return chain.filter(exchange);
			} 
			
			// 验证TOKEN
			RetData<SysUser> vadliateTokenResult = authBPO.validateToken(request);
			if(!vadliateTokenResult.getRetHead().getCode().equals(BaseRetCodeEnum.RET_CODE_0000000.getCode())) {
				System.out.println("\n TOKEN验证失败.......");
				return authBPO.exchangeErrHandle(response,vadliateTokenResult);
			}
			SysUser sysUser = vadliateTokenResult.getRetBody();
			
			// 判断是否需要鉴权
			boolean isAuthURI  = authBPO.checkAuthURI(requestURI);
			
			System.out.println("\n 是否需要鉴权："+isAuthURI);
			
			if(isAuthURI) {
				// 验证权限
				RetData<SysUser> validateAuthURIResult = authBPO.validateAuthURI(requestURI,sysUser);
				
				System.out.println("\n 鉴权结果："+validateAuthURIResult);
				
				if(!validateAuthURIResult.getRetHead().getCode().equals(BaseRetCodeEnum.RET_CODE_0000000.getCode())) {
					System.out.println("\n 授权验证失败.......");
					return authBPO.exchangeErrHandle(response,validateAuthURIResult);
				}
			}
			
			System.out.println("\n 通过访问.......");
			
			return authBPO.exchangeHandle(exchange,chain,sysUser);
			
    	}
    	catch(Exception er) {
    		er.printStackTrace();
    		RetData<String> retData = new RetData<String>();
            RetDataHead retDataHead = new RetDataHead();
            retDataHead.setCode(BaseRetCodeEnum.RET_CODE_9999999.getCode());
            retDataHead.setMessage(BaseRetCodeEnum.RET_CODE_9999999.getMessage());
    		retData.setRetHead(retDataHead);
			return authBPO.exchangeErrHandle(response,retData);
    	}
    }
 
    @Override
    public int getOrder() {
        return Ordered.HIGHEST_PRECEDENCE;
    }
}

